A Belgian court has given Facebook 48 hours to stop tracking the online activities of non-Facebook users in Belgium unless they have their explicit consent or face a daily fine of €250,000. The internet giant has pledged to appeal the decision.

“If a surfer doesn’t have an own Facebook account, Facebook from now on will have to explicitly solicit consent and provide the needed explanations,” the Brussels court of first instance said.

Monday’s ruling follows a months-long suit that started in June when Belgium’s data protection regulator accused Facebook of violating EU privacy law by tracking people without their consent using the so-called ‘datr’ cookie. The tracking cookie was placed on an internet user’s system when they visited a Facebook.com site or ‘Liked’ a page on other websites. This allows Facebook to monitor the user’s browsing habits in order to better target advertising to them.

The Brussels court ordered the Silicon Valley company to stop their tracking activities in Belgium within 48 hours or pay a daily fine of up to €250,000.

“Facebook cannot follow people on the internet who are not members of Facebook which is very logical because they cannot have given permission to follow them,” said Margot Neyskens, spokeswoman for Bart Tommelein, Belgian secretary of state for the protection of privacy, in an emailed statement.

Tommelein said that Monday’s ruling means that the Belgian court has jurisdiction over the company on its home turf. Facebook argues that since its European headquarters are in Ireland, the Irish Data Protection Commissioner is the only authority that can restrict their activity.

EU privacy laws require prior consent before installing a cookie or tracking online users. It requires websites that use cookies to notify individuals on their first visit.

Facebook, which reported $7.5 billion in second quarter revenue this year, says they will appeal the court’s decision. The social media giant argues that their tracking activity identifies browsers, not the people themselves, and helps the company to distinguish legitimate visitors from possible attackers.

“We’ve used the ‘datr’ cookie for more than five years to keep Facebook secure for 1.5 billion people around the world,” a spokeswoman said. “We will appeal this decision and are working to minimize any disruption to people’s access to Facebook in Belgium.”